Invicti Enterprise On-Premises 06 Jan 2021

NEW FEATURES

  • Added the Stop the Scan if the Build fails option in GitLab CI/CD
  • Added the Fail the Build if one of the selected scan severity is detected option in GitLab CI/CD
  • Upgraded the Invicti scanning engine to version 5.9.1.27722.

NEW SECURITY CHECKS

  • Added Oracle WebLogic Server Remote Code Execution (CVE-2020-14882)
  • Added Oracle WebLogic Server Authentication Bypass (CVE-2020-14883)

IMPROVEMENTS

  • Added the Scan Group selection combo box to Trend Matrix Report
  • Added WASC Threat Classification Report
  • Added the Export Unconfirmed option in the report generation screen
  • Added the info box to Custom Scripts window for the Form Authentication 
  • Added URL Rewrite Rules while a file is being imported
  • Added Uniqueness Controls on the new integration wizard
  • Added validations of new integration wizard
  • Added Swagger JSON link API document’s index
  • Added the Exclude Authentication Pages checkbox when the Form Authentication option is enabled
  • Improved the Discovery Page’s performance
  • Improved the performance of generating reports that contain a large number of vulnerabilities
  • Improved the custom script’s performance 
  • Improved the website preview image resolution on the Verify Login & Logout screen
  • Refactored the Report Policy Migrator 
  • Disabled auto-complete in the login page inputs.
  • Changed the data protection policy link 
  • Changed the issue email template’s website URL 
  • Admin users can now set the maximum number of websites a member can add
  • Excluded usage tracker list can now be added from the new scan page

FIXES

  • Fixed a bug when scheduled scan with an imported file is edited by a different user
  • Fixed a bug in the Custom Cookie process
  • Fixed imported file bug on scan profile saving
  • Added minimum agent selection control for Agent Group
  • Fixed Agents Scanning tooltip 
  • Fixed the auto-scaling problem that occurred while using Cloud Provider in Invicti Enterprise On-Premises
  • Fixed the First Seen Date parameter in the Kenna integration
  • Fixed Burp XML file import problem. Users can import Burp XML file
  • Fixed report validation export problem. Users will not get an empty file
  • Fixed the error related to exporting for customers who have many websites.
  • The websites belonging to the filtered website group have been provided to be exported.
  • Users can now add a new URL Rewrite Rule without losing the existing ones